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DETAILED ACTION 

1 . As of entry of the amendment and RCE filed 06/01/2007, claims 1-19 are 
pending in this application. Upon reconsideration, The Applicant's arguments are not 
persuasive (see Response to Arguments below). 

Drawings 

2. The drawings are objected to for the following reasons. 

The drawings are objected to under 37 CFR 1 .83(a). The drawings must show 
every feature of the invention specified in the claims. Therefore, the "plurality of 
interface images", "plurality of organization", "an application and associated application 
data specific to said particular organization" must be shown or the feature(s) canceled 
from the claim(s). No new matter should be entered. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraph of 35 U.S.C. § 102 in 
view of the AIPA and H.R. 2215 that forms the basis for the rejections under this section 
made in the attached Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

Claims 1-5, 7-8, and 10-19 are rejected under 35 U. S. C. § 102 (e) as being 
anticipated by Thompson et al. (U.S. pub. No. 2003/0229522). 

Regarding to claims 1, and 16-19, Thompson et al. discloses a system enabling 
individual organizations of a plurality of different organizations (i.e., "many different type 
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of people, both within and outside an organization" (0283)) to manage access of their own 
respective employees (i.e., "can access the organization 's data") (0283) to at least one 
remotely located application hosted by an application service provider (900)(see fig. 
8)(0271), comprising: at an application service provider site (202) (fig. 2A) and (900) 
(fig. 8)at least one database (907) containing data representing (see fig. 8), a plurality 
of user interface images (i.e., "each benefit broker/consultant can display their own name, 
logo and colors on user interface screens 1 (0116) associated with a corresponding plurality 
of organizations (i.e., "each benefit broker/consultant can display their own name, logo and 
colors on user interface screens" (0116), and a plurality of executable procedures 
associated with the corresponding plurality of user interface images (i.e., "the 

application 20 may contain image branding portal customization and personalization tools and 
templates" (01 16), an executable procedure supporting a user of a particular 
organization (i.e., "the client tier 902 may be a browser which executes the application 's user 
interface with which the user directly interacts" (0271 )) of said plurality of organization in 
managing access of employees of the particular organization (i.e., "different users 1105 
as generally represented by the different blocks in the user portals 1114 will be allowed access 
to different portions of the application") (0284) to an application hosted by an application 
service provider (900)(see fig. 8)(0271), and used by said plurality of organization (i.e., 
"many different type of people, both within and outside an organization" (0283)); and a 
command processor employing the at least one database (907, 909) for initiating 
execution of a particular executable procedure organization in response to a command 
initiated at a remote location associated with the particular organization^.*?., "a user, 
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referred to in the diagram as a client (e.g., a benefit consultant, benefit consultant firm, or 
employer which may be a client of the application owner /administrator), may upon login 200 
change a password or perform one or more other client portal management functions (202) 
(202 at ASP)" (0162)) using a particular user interface image (i.e., "the client tier 902 may 
be a browser which executes the application *s user interface with which the user directly 
interacts' (0271 )) associated with the particular executable procedure and with the 
particular organization (see fig. 10-12), the particular executable procedure supporting 
the user in managing and granting access of an employee (i.e., "security and user APIs 
1010 shown in FIG. 9" or at fig. 2 A shows user login and perform one or more other client 
portal management functions (managing and granting access of an employee at 230) of the 
particular organization to an application, an authorization processor for authorizing 
access of the user to a particular user interface image (i.e., 'various services, ranging 
from personalization to authentication to security, for private or confidential data or internal 
business processes, need to be provided" ) (02 83) and excluding access by employees of 
organizations other than said particular organization (0288) or (i.e., "a second human 
resource employees may be given restricted access to perform limited plan maintenance 
support tasks, as determined by the employer' (01 26)). 

Regarding claim 2, Thompson et al. discloses said at lest one database (907, 
909), said command processor, said application (20) and associated application data 
specific to said particular organization {i.e., "broker", " Administration" (11 1 1) , etc.), are 
located at said application service provider (900) (fig. 9) site behind a firewall (91 1) and 
accessed through said firewall by users (902) of said plurality of organization (i.e., 
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"broker", " 'Administration "(1 1 1 1) , etc.) and include an authorization processor for 
authorizing access of the user to the particular user interface image and the associated 
particular executable procedure in response to received identification information (i.e., 
"authentication ")(0285) of the user (0284-0285). 

Regarding claims 3-4 , Thompson et al. discloses said particular executable 
procedure and said particular user interface image (i.e., "each benefit broker/consultant 
can display their own name, logo and colors on user interface screens' (0116) are specifically 
associated with said particular organization (i.e., "the application 20 may contain image 
branding portal customization and personalization tools and templates' (01 16) or "The 
application is accessed by an authorized user such that the authorized user through a plan 
creator user interface provided by the at least one presentation panel can create a benefit plan 
using the benefit plan design creation template" (0020) or "The personalized image branding 
includes selection of one or more characteristics of one or more of the user interfaces displayed 
to the one or more users " (0023)) and an authorization processor excludes access of the 
user and employees (i.e., "users 1105"){0284) of the particular organization (i.e.. "different 
portion of the application functionality" (0284) to user interface images and executable 
procedures and data associated with organizations other than the particular 
organization (0284) by removing permission (i.e. "edit-control access" ) (0286) of the 
user and employees of the particular organization to access the data associated with 
the other organizations from a directory of permissions used to control data access (i.e., 
"The application is accessible via one or more user portals customizable to permit one or more 
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users access to all or a limited portion of at least one of the presentation panels and/or employee 
benefits management plan data " (0023 )(0025)). 

Regarding claim 5, Thompson et al. discloses the directory of permission 
comprises a Microsoft compatible Active Control List (i.e., "edit-control access")(0286). 

Regarding claim 7, Thompson et al. discloses the plurality of executable 
procedures comprises a plurality of sets of executable procedures associated with the 
corresponding plurality of user interface images organization (i.e., "the client tier 902 may 
be a browser which executes the application 's user interface with which the user directly 
interacts" (0271 )) and the command processor employs the at least one database 
(907,909) for initiating execution of a particular executable procedure in a particular set 
of executable procedures in response to a command initiated using the particular 
executable procedure in a particular set of executable procedures in response to a 
command initiated using the particular user interface image (see fig. 1, 9-12). 

Regarding claim 8, Thompson et al. discloses an executable procedure enables 
the user to at least one of add an employee and remove an employee, of an 
organization as a user entitled to access the application hosted by the application 
service provider (i.e. u edit-control access" ) (0286) . 

Regarding claim 10, Thompson et al. discloses an executable procedure enables 
the user to amend information used in authorizing a particular employee of an 
organization to access (i.e. "edit-control access" ) (0286) the application hosted by the 
application service provider (900)(0286). 
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Regarding claims 11-12, Thompson et al. discloses an authorization processor 
for authorizing access of the employee of the particular organization to the particular 
user interface image and the associated particular executable procedure in response to 
received employees identification information (i.e., "authentication") (0284-0285). 

Regarding claim 13, Thompson et al. discloses disclose an executable 
procedure comprises processor executable instruction in a computer language including 
at least a compilable computer language (0282 or claim 55). 

Regarding claim 15, Thompson et al. discloses at least one of, the command is 
initiated at a user site via a particular user interface image (i.e., "each benefit 
broker/consultant can display their own name, logo and colors on user interface screens' (0116) 
communicated to the user site (01 16). 

Regarding claim 14, Thompson et al. discloses a template procedure customized 
by at least one of the user and a technician (0076). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 6 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Winter Thompson et al. (U.S. pub. No. 2003/0229522) in view of Clark et al. (U.S. 
Patent No. 7,237,119). 
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With respect to claims 6 and 9, Thompson et al. discloses all limitations of 
claimed invention recited in claim 4 and 8 except changes authorization information 
associated with the added or removed employee. However, Clark et al. discloses 
changes authorization information associated with the added or removed employee (i.e., 
"the administrator (s) of those application(s) can be overwhelmed by numerous requests to add 
new users and/or to change the authorization levels of existing users of the application (s)" (col. 
1, line 1-25). It would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to modify Thompson's system by adding the function to 
change authorization information associated with the added or removed employee in 
order to have helpful system in preventing unauthorized access for the stated purpose 
has been well known in the art as evidenced by teaching of Clark et al. (col. 1 , line 10- 
13). 

Response to Arguments 

6. Applicant's arguments filed 06/01/2007, with respect to the rejection(s) of claim(s) 1-19 
under Thompson have been fully considered and are not persuasive. The flowing is the response 
of the Applicant's argument. 

• "The drawings are objected to because. . .drawing be withdrawn" (second 
paragraph, page 8). 

Examiner remarks: 

The Applicant arguments are not persuasive. Figure 1, the database 138 showing that 
"user Interface Images" without showing "a plurality of user interface images 
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associated with corresponding plurality of organization". Figs. 2-14 shows plurality 
of "single image" without showing "a plurality of user interface images associated 
with corresponding plurality of organization". 

• "Unlike the present claimed system, Thompson describes a benefit management 
. . .without the need to contact the application service provider (ASP)" (first 
paragraph, page 10) 

Examiner remarks: 

The Applicant arguments are not persuasive. Thompson discloses the system that 
allow individual customer to manage and control their own access rights as well as 
exclude access of "application data specific to said particular organization" from 
other user as showing in fig. 2 that client access at the remote (200) and manage and 
control their own access rights by using the "Employer Benefit Management at 202 
(see fig. 2 A). Further, The Applicant's argument is not support claimed language 
such as "without the need to contact the applicant service provider (ASP)". The 
claims do not recite the limitation "without the need to contact the applicant 
service provider (ASP)". 

• "Contrary to the claimed system, Thompson, in Figure 8 and the corresponding 
description, describes an (ASP). . .their OWN access of their own employees 
without ASP intervention" (second paragraph, page 10 and first paragraph, page 
11). 

Examiner remarks: 
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The Examiner does not agree with the Applicant. Thompson discloses all 
limitations recited in the claimed invention such as client management of a particular 
application hosted by an ASP (Fig. 2 shows that client at 200 and control and 
management of particular application hosted by an ASP at 202). Further, the claimed 
invention does not support the Applicant's argument because the claims do not recite 
"this architecture functions to allow a user to access applications and data AFTER a 
user is previously authorized to do" and "the claimed system enables individual 
customer organizations of an ASP to manage their OWN access of their own 
employees without ASP intervention". Furthermore, Thompson also discloses 
"particular executable procedure" associated with an organization specific user 
interface image (Examiner asserts that client 200 can access to ASP to managing and 
granting access by using the executable procedure at 202 at ASP (i.e. "a user may select 
to export data from an interface of the application 20 to an integrated application " (0170)) 
"supporting the user in managing and granting access of an employee (230) of the 
particular organization (Employer Benefit Management 230 such as Financial, etc.) 
and excluding access to said application data specific to said particular organization 
by employees of organizations other than said particular organization (i.e., "a second 

human resource employees may be given restricted access to perform limited plan maintenance 
support tasks, as determined by the employer" (0126). 

• " Figure 1 of the present application show a system for accessing a server via 
firewall to grant. . .This architecture is neither disclosed nor suggested by 
Thompson" (second paragraph, page 1 1). 
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Examiner remarks: 

In response to the Applicant's argument above, the Applicant's argument is not 
persuasive because the claims do not support the Applicant's argument. 
• "Thompson superficially describes Authorization to access and limit rights . . .the 

rejection of claim 1 be withdrawn." (last paragraph, page 1 1). 
Examiner remarks: 

In response to the Applicant's argument above, the Applicant's argument is not 
persuasive because Thompson suggest that "in response to a command (client accesses 
at remote location as command) initiated at a remote location (at remote location as client 200, 
400, 500, 550 or 400)(figs. 2-5) associated with the particular organization using a 
particular user interface image associated with the particular executable procedure 
and with the particular organization (Examiner asserts that User (user can be admin, user with 

authority, client) can access to the ASP to edit the "control access list" (0286), and management at 
"Businesses/Enterprise Application Administration" (402), "Provider Authorization", and "Employer 
Benefit Management" (202) (fig. 2-5) ) the particular executable procedure supporting the 

user in managing (i.e., "a user, referred to in the diagram as a client (e.g., a benefit consultant, 

benefit consultant firm, or employer which may be a client of the application owner/administrator), 
may upon login 200 change a password or perform one or more other client portal management 
functions (202) (202 at ASP)" (0162) and granting access (i.e., "edit-control access" (0286)) of 

an employee of the particular organization to an application and associated 
application data specific to said particular organization and excluding access to said 
application data specific to said particular organization by employees of organization 
other than said particular organization" as claimed invention. Further, based on the 
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ACL structure, the user (at client at remote location) based on their authority, they 
(clients) can remote access and can edit the ACL to grant the access of an employee 
of the particular organization as the basic of functional of ACL (0286). Thus, 
Thompson does show or suggest a system enabling individual customer (client or user 
at remote location) of an ASP service to manage their own access rights excluding 
access by other customer without need to consult the ASP as in the present claimed 
invention. The claims do not recite "without need to consult the ASP"; therefore the 
Applicant's argument does not support the claimed invention. 

• "Amended claim 2 is dependent on claim 1 and is considered patentable for . . .it is 
respectfully requested that the rejection of claim 2 be withdrawn." (first 
paragraph, page 12). 

Examiner remarks: 

In response to the Applicant's argument above, the Applicant's argument is not 
persuasive. Thompson discloses all limitation as recited in claim. Further, 
Thompson discloses, in paragraph 0025, the client (user) (at remote location) can 
view or edit the presentation panels is restricted and/or providing data security such 
that user access to view or edit data of one or more presentation panels is restricted. 

• "Amended claim 3 is dependent on claim 1 and 2 and is considered patentable for 
. . .requested that the rejection of claim 3 be withdrawn" (second paragraph, page 
12). 

Examiner remarks: 
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In response to the Applicant's argument above, the Applicant's argument is not 
persuasive. Thompson discloses the ACL (0286), the function of ACL that provide 
excludes access, that means based on the ACL, the system will provide excluding 
access. . .by employees of organization. Further, Thompson also discloses excludes 
access. . .by employees or organization other than the particular organization (i.e., "a 
second human resource employees may be given restricted access to perform limited 
plan maintenance support tasks, as determined by the employer" (0126)). 

• "Claim 5 is dependent on claims 1-4 and is considered patentable. . .requested that 
the rejection of claim 5 be withdrawn." (third paragraph, page 13). 

Examiner remarks: 

The Examiner does not agree with Applicant's argument. Thompson discloses 
"control access" is equivalent with claimed invention that ACL because ACL has 
control list of authorization of user or organization to access. Thompson discloses 
edit-control access that means control access list is edited. 

• "Claim 8 is dependent on claim 1 and is considered patentable for the reasons 
presented above with respect to claim 1 . . .the rejection of claim 8 be withdrawn" 
(third paragraph, page 14). 

Examiner remarks: 

In response to the Applicant's argument above, the Applicant's argument is not 
persuasive because Thompson discloses "in response to a command initiated at a 
remote location associated with particular organization" (client (902) remote access to 
particular organization that equivalent of "in response to a command initiated at a 
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remote location associated". Thus, Thompson discloses all limitations of claimed 
invention. Furthermore, the claim does not support the Applicant's argument. The 
claim does not recite, "without the intervention of the ASP hosting the application 
being accessed" 

• "Claim 10 is depend on claim 1 and is considered . . .that the rejection of claims 
1 1 and 12 be withdrawn" (second and third paragraph, page 15). 

Examiner remarks: 

In response to the Applicant's argument above, the Applicant's argument is not 
persuasive because Thompson discloses "edit control access" by user is equivalent 
with unable the user to amend information used in authorizing a particular employee. 
Thompson discloses all limitation of claimed invention. 

• "Claim 14 is dependent on claim 1 and is considered patentable for the reasons 
. . .the rejection of claim 14 be withdrawn" (first paragraph, page 16). 

Examiner remarks: 

In response to the Applicant's argument above, the Applicant's argument is not 
persuasive because Thompson discloses "in response to a command initiated at a 
remote location associated with particular organization" (client (902) remote access to 
particular organization that equivalent of "in response to a command initiated at a 
remote location associated". 
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Conclusion 



7. 



Any inquiry concerning this communication or earlier communications from the 



examiner should be directed to Hung T. Vy whose telephone number is 571-2721954. The 
examiner can normally be reached on 8.30am - 5.30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Don Wong can be reached on 571 272 1834. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




Hung T. Vy 
Art Unit 2163 
August 3, 2007. 



